{"vulnerability": "CVE-2024-3820", "sightings": [{"uuid": "6b7bc487-cf58-4e7c-9f7a-d10a6faf42f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review", "content": "", "creation_timestamp": "2024-08-13T18:05:01.000000Z"}, {"uuid": "8ba9d1c8-45f0-464f-b9ec-42170512a034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38201", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review", "content": "", "creation_timestamp": "2024-08-13T18:05:01.000000Z"}, {"uuid": "757bde38-386c-4dfe-825d-7e5467be4295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38206", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review", "content": "", "creation_timestamp": "2024-08-13T18:05:01.000000Z"}, {"uuid": "c705df65-5866-430c-a4b7-7476c6f7d9bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review", "content": "", "creation_timestamp": "2024-08-13T18:05:01.000000Z"}, {"uuid": "3a5cfae3-7702-4249-a7f2-a312381ea015", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38203", "type": "seen", "source": "https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review", "content": "", "creation_timestamp": "2024-11-12T18:26:35.000000Z"}, {"uuid": "c42e4972-625b-438c-a2ea-a1f7f1cde5ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38203", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113471268438576919", "content": "", "creation_timestamp": "2024-11-12T17:55:50.360713Z"}, {"uuid": "4ad8e791-c2fe-47f6-84e8-7be24c2050b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llzctexvn32d", "content": "", "creation_timestamp": "2025-04-04T21:02:06.348837Z"}, {"uuid": "6070ba30-6e72-40fe-9f0b-9b6f463c831e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/197", "content": "PoC Exploit for Windows 0-Day Flaws CVE-2024-38202 and CVE-2024-21302 Released:\n https://securityonline.info/poc-exploit-for-windows-0-day-flaws-cve-2024-38202-and-cve-2024-21302-released/", "creation_timestamp": "2024-09-26T03:49:05.000000Z"}, {"uuid": "338bd099-d9cf-49e0-9588-66f7b7b43408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8600", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability \nURL\uff1ahttps://github.com/passtheticket/CVE-2024-38200\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-25T22:15:15.000000Z"}, {"uuid": "aa642850-fe48-47ec-b86b-d6efe8c9cbc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1349", "content": "", "creation_timestamp": "2024-08-08T04:00:00.000000Z"}, {"uuid": "f93fadc9-5b36-46c5-9c4e-7dfce5c00cd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1352", "content": "", "creation_timestamp": "2024-08-14T04:00:00.000000Z"}, {"uuid": "249f6957-b619-4478-bc1f-1f67af2d3713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38204", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18403", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38204\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C)\n\ud83d\udd39 Description: Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network.\n\ud83d\udccf Published: 2024-10-15T22:46:38.715Z\n\ud83d\udccf Modified: 2025-06-16T02:45:11.026Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38204", "creation_timestamp": "2025-06-16T03:35:40.000000Z"}, {"uuid": "d540172b-a4b2-4a98-a7cd-474c119f98b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/ap_security/684", "content": "#pentest #exploit\n\nMicrosoft Office NTLMv2 Disclosure (CVE-2024-38200) \n \n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 302 \u0440\u0435\u0434\u0438\u0440\u0435\u043a\u0442\u0430 \u0438 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c\u0438 GPO \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0445\u044d\u0448\u0435\u0439 NTLMv2 \u043f\u043e SMB \u0438 HTTP. \n \n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Office, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0445\u0435\u0448\u0438 NTLM \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443.  \n  \n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-38200 \u0438 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u0438\u0446\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c. \u0421\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0431\u0430\u0433 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e 32- \u0438 64-\u0431\u0438\u0442\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Office, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Office 2016, Office 2019, Office LTSC 2021 \u0438 Microsoft 365 Apps for Enterprise.  \n  \n\u0425\u043e\u0442\u044f \u043f\u043e \u043e\u0446\u0435\u043d\u043a\u0435 Microsoft \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2024-38200 \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f \u043c\u0430\u043b\u043e\u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0439, MITRE \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443  \u0438\u043d\u0430\u0447\u0435 \u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u043e\u0433\u043e \u0442\u0438\u043f\u0430 \u043e\u0431\u044b\u0447\u043d\u043e \u0432\u044b\u0441\u043e\u043a\u0430.", "creation_timestamp": "2024-09-30T05:04:48.000000Z"}, {"uuid": "9a7be44b-ced2-47fe-8096-5e1dc3e6701f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11960", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38202\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C)\n\ud83d\udd39 Description: Summary\nMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful.\nMicrosoft has developed a security update to mitigate this threat which was made available October 08, 2024 and is provided in the Security Updates table of this CVE for customers to download. Note: Depending on your version of Windows, additional steps may be required to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce the risks associated with this vulnerability and to protect their systems.\nIf there are any further updates regarding mitigations for this vulnerability, this CVE will be updated and customers will be notified. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert if an update occurs.\nDetails\nA security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Update potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability.\nMicrosoft has developed a security update to mitigate this threat which was made available October 08, 2024 and is provided in the Security Updates table of this CVE for customers to download. Note: Depending on your version of Windows, additional steps may be required to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce the risks associated with this vulnerability and to protect their systems.\nIf there are any further... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202\n\ud83d\udccf Published: 2024-08-08T01:59:34.177Z\n\ud83d\udccf Modified: 2025-04-15T23:45:21.957Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202", "creation_timestamp": "2025-04-15T23:55:43.000000Z"}, {"uuid": "13c85836-22b8-4949-8849-9ccc8a127e53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38206", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11971", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38206\n\ud83d\udd25 CVSS Score: 8.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network.\n\ud83d\udccf Published: 2024-08-06T21:38:19.248Z\n\ud83d\udccf Modified: 2025-04-15T23:45:15.571Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38206", "creation_timestamp": "2025-04-15T23:55:59.000000Z"}, {"uuid": "7648318e-7956-454a-9551-4297d55dbb23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11977", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38200\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Office Spoofing Vulnerability\n\ud83d\udccf Published: 2024-08-08T20:45:26.301Z\n\ud83d\udccf Modified: 2025-04-15T23:45:12.079Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38200", "creation_timestamp": "2025-04-15T23:56:06.000000Z"}, {"uuid": "f19cc13f-ba43-4fcb-b217-fa2aee259795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38204", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2694", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38204\n\ud83d\udd39 Description: Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network.\n\ud83d\udccf Published: 2024-10-15T22:46:38.715Z\n\ud83d\udccf Modified: 2025-01-23T01:39:30.755Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38204", "creation_timestamp": "2025-01-23T02:02:45.000000Z"}, {"uuid": "a6caeae0-7d3d-4d87-aae5-71bebf98cd71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38208", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11965", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38208\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Edge for Android Spoofing Vulnerability\n\ud83d\udccf Published: 2024-08-22T23:04:47.896Z\n\ud83d\udccf Modified: 2025-04-15T23:45:19.063Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38208", "creation_timestamp": "2025-04-15T23:55:50.000000Z"}, {"uuid": "d9797bd5-b5c1-47c3-9be9-2546eaa5d07c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38207", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11964", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38207\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Edge (HTML-based) Memory Corruption Vulnerability\n\ud83d\udccf Published: 2024-08-23T22:54:32.318Z\n\ud83d\udccf Modified: 2025-04-15T23:45:19.608Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38207", "creation_timestamp": "2025-04-15T23:55:49.000000Z"}, {"uuid": "ee36c242-2f7a-48b7-9efd-efdf160b51f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://t.me/kasperskyb2b/1366", "content": "\ud83e\ude9f \u0412\u0430\u0448\u0430 Windows \u0431\u043e\u043b\u044c\u0448\u0435 \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0430\n\n\u041d\u0430 BlackHat 2024 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0430 \u044d\u043b\u0435\u0433\u0430\u043d\u0442\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430 Windows Downdate, \u0441\u043e\u0441\u0442\u043e\u044f\u0449\u0430\u044f \u0438\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043f\u043b\u043e\u0445\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u044d\u0442\u0430\u043f \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u044b \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043c\u043e\u0436\u043d\u043e \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 actionlist (Pending.xml) \u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 HardlinkFile \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043d\u043e\u0432\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b. \u0421\u0430\u043c\u0438 \u0444\u0430\u0439\u043b\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u044b, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0412\u041f\u041e \u043d\u0435\u043b\u044c\u0437\u044f, \u043d\u043e \u0432\u043e\u0442 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0441\u0430\u043c\u043e\u0439 Microsoft \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043c\u043e\u0436\u043d\u043e.\n\n\u0414\u0430\u043b\u044c\u0448\u0435 \u043c\u043e\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u0432\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043e\u0432\u043b\u0430\u0434\u0435\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430. \u0421 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u043c\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0445\u0438\u0449\u0440\u0435\u043d\u0438\u044f\u043c\u0438 \u043c\u043e\u0436\u043d\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0442\u0430\u043a, \u0447\u0442\u043e \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0431\u043e\u043b\u044c\u0448\u0435 \u043d\u0435 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0430 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0440\u0430\u043f\u043e\u0440\u0442\u0443\u044e\u0442, \u0447\u0442\u043e \u0432\u0441\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u2014 \u0441\u0430\u043c\u044b\u0435 \u0441\u0432\u0435\u0436\u0438\u0435 \u0438 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435. \n\nMicrosoft \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043d\u043e \u043f\u043e\u043a\u0430 \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0435\u0451, \u0438\u0437\u0443\u0447\u0430\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0430\u0436 \u0441 \u0444\u0435\u0432\u0440\u0430\u043b\u044f. \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u043d\u0443\u0436\u043d\u043e \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0444\u0438\u043a\u0441 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u043c\u043d\u043e\u0433\u043e \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u0438 \u0444\u0430\u0439\u043b\u043e\u0432. \u0414\u0435\u0444\u0435\u043a\u0442\u0430\u043c \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u044b  CVE-2024-21302 \u0438 CVE-2024-38202, \u043d\u043e \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u043f\u043e\u043a\u0430 \u0435\u0441\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0431\u0449\u0438\u0435 \u0441\u043e\u0432\u0435\u0442\u044b \u043f\u043e \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0444\u0443\u043d\u043a\u0446\u0438\u044f\u043c \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043f\u0430\u043f\u043a\u0430\u043c \u0441 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u043c\u0438 \u043a\u043e\u043f\u0438\u044f\u043c\u0438 \u041e\u0421.\n\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c, \u0447\u0442\u043e \u0441\u0443\u0434\u044f \u043f\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e \u0430\u0442\u0430\u043a\u0438, \u0434\u043b\u044f \u0435\u0451 \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043d\u0443\u0436\u043d\u044b \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u043d\u043e  \u043e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u044b\u0435 \u0444\u043e\u0440\u043c\u0443\u043b\u0438\u0440\u043e\u0432\u043a\u0438 Microsoft \u043d\u0430\u043c\u0435\u043a\u0430\u044e\u0442, \u0447\u0442\u043e \u0435\u0441\u0442\u044c \u0438 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u044d\u0441\u043a\u0430\u043b\u0430\u0446\u0438\u0438 \u0438\u0437 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-08-08T11:16:38.000000Z"}, {"uuid": "51f53d9a-5333-4da1-a935-8bc859bb099b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "published-proof-of-concept", "source": "https://t.me/IRANGOBLIN_ir/453", "content": "\ud83c\udd95\ud83c\udd95\ud83c\udd95\ud83c\udd95\n\u0421\u043b\u0443\u0436\u0431\u0430 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0440\u0448\u0430\u043b\u043e\u0432 \u0421\u0428\u0410 \u043e\u0442\u0440\u0438\u0446\u0430\u0435\u0442 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043e \u0432\u0437\u043b\u043e\u043c\u0435 \u0438 \u0443\u0442\u0435\u0447\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445\n\n\ud83d\udcdd\u042d\u043a\u0441\u043f\u0435\u0440\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 SafeBreach, \u0410\u043b\u043e\u043d \u041b\u0435\u0432\u0438\u0435\u0432 (Alon Leviev), \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Windows Downdate, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0434\u0430\u0443\u043d\u0433\u0440\u0435\u0439\u0434-\u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows 10, Windows 11 \u0438 Windows Server. \u0422\u0430\u043a\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043d\u0438\u0437\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0435\u0451 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u043a \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c, \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u044f \u0441\u0442\u0430\u0440\u044b\u0435 \u0431\u0430\u0433\u0438.\n\n\ud83d\udcddWindows Downdate \u2014 \u044d\u0442\u043e \u043e\u043f\u0435\u043d\u0441\u043e\u0440\u0441\u043d\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442, \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 Python \u0438 \u0441\u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0432 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b Windows. \u041e\u043d \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0442\u043a\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440 Hyper-V, \u044f\u0434\u0440\u043e Windows, \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b NTFS \u0438 Filter Manager, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0432\u0430\u0436\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u0438 \u043f\u0430\u0442\u0447\u0438.\n\n\ud83d\udcdd\u041d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 Black Hat 2024 \u041b\u0435\u0432\u0438\u0435\u0432 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b \u043e\u0431 \u044d\u0442\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u0434\u0432\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0435\u0439 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u2014 CVE-2024-38202 \u0438 CVE-2024-21302. \u041e\u043d \u043e\u0431\u044a\u044f\u0441\u043d\u0438\u043b, \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 Windows Downdate \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c, \u0442\u0430\u043a \u043a\u0430\u043a \u0430\u0442\u0430\u043a\u0430 \u043d\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c\u0438", "creation_timestamp": "2024-09-01T14:15:59.000000Z"}, {"uuid": "1cc6c1e4-2181-4aa8-8bac-10b4c3fe31fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38206", "type": "seen", "source": "Telegram/GsyCN6y1vFOnl0sS-2xeEp9xKFoaOAnw0saXwjGYbTeSZw", "content": "", "creation_timestamp": "2024-08-21T21:46:37.000000Z"}, {"uuid": "6200ced2-07ef-4d39-8780-e3cfd923d840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38207", "type": "seen", "source": "https://t.me/cvedetector/4045", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38207 - Microsoft Edge HTML-based Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-38207 \nPublished : Aug. 23, 2024, 11:15 p.m. | 44\u00a0minutes ago \nDescription : Microsoft Edge (HTML-based) Memory Corruption Vulnerability \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-24T02:19:58.000000Z"}, {"uuid": "7c3c2a64-fa9f-4373-aae5-c421ef3078d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38204", "type": "seen", "source": "https://t.me/cvedetector/7986", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38204 - Microsoft Imagine Cup Remote Authentication Bypass (Access Control)\", \n  \"Content\": \"CVE ID : CVE-2024-38204 \nPublished : Oct. 15, 2024, 11:15 p.m. | 34\u00a0minutes ago \nDescription : Improper Access Control in Imagine Cup allows an authorized attacker to elevate privileges over a network. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T02:08:51.000000Z"}, {"uuid": "ee6caf3a-ed46-47cc-9446-99cb56def1d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4914", "content": "#exploit\n1. CVE-2024-26808:\nLinux kernel Netfilter UaF leads to LPE\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\n2. CVE-2024-38200:\nMS Office NTLMv2 Disclosure\nhttps://github.com/passtheticket/CVE-2024-38200\n\n3. CVE-2024-7965:\nInappropriate implementation in V8 (ARM64)\nhttps://github.com/bi-zone/CVE-2024-7965", "creation_timestamp": "2024-10-02T16:38:48.000000Z"}, {"uuid": "62cc81ee-2f54-4e4c-8d96-37be15d36085", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38209", "type": "seen", "source": "https://t.me/cvedetector/3971", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38209 - Microsoft Edge Chromium Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-38209 \nPublished : Aug. 22, 2024, 11:15 p.m. | 41\u00a0minutes ago \nDescription : Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T02:04:42.000000Z"}, {"uuid": "9699d1a2-fd76-4a69-9322-8bd37d7d82eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38208", "type": "seen", "source": "https://t.me/cvedetector/3969", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38208 - Microsoft Edge for Android Input Validation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38208 \nPublished : Aug. 22, 2024, 11:15 p.m. | 41\u00a0minutes ago \nDescription : Microsoft Edge for Android Spoofing Vulnerability \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T02:04:40.000000Z"}, {"uuid": "5b5fda12-2fbc-43c0-b730-576fb4695581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/454", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability \nURL\uff1ahttps://github.com/passtheticket/CVE-2024-38200\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-26T14:25:00.000000Z"}, {"uuid": "7cc10278-e1ee-4d7c-9757-5f92372c6bd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38201", "type": "seen", "source": "https://t.me/cvedetector/3061", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38201 - Microsoft Azure Stack Hub Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-38201 \nPublished : Aug. 13, 2024, 6:15 p.m. | 43\u00a0minutes ago \nDescription : Azure Stack Hub Elevation of Privilege Vulnerability \nSeverity: 7.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T21:18:29.000000Z"}, {"uuid": "7e45b8de-2162-42aa-bffc-7e2efbafb7a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://t.me/cvedetector/2744", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38202 - Windows Backup Elevation of Privilege Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38202 \nPublished : Aug. 8, 2024, 2:15 a.m. | 17\u00a0minutes ago \nDescription : Summary  \nMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Backup, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful.  \nMicrosoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.  \nThis CVE will be updated, and customers will be notified when the official mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.  \nDetails  \nA security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Backup potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability.  \nMicrosoft is developing a security update that will mitigate this vulnerability, but it is not yet available. This CVE will be updated with new information and links to the security updates once available. We highly encourage customers subscribe to Security Update Guide notifications to be alerted of updates. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now \u2013 Microsoft Security Response Center.  \nMicrosoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section to protect their systems.  \nRecommended Actions  \nThe following recommendations do not mitigate the vulnerability but can be used to reduce the risk of exploitation until the security update is available.  \n  \nAudit users with permission to perform Backup and Restore operations to ensure only the appropriate users can perform these operations.  \n  \nAudit: Audit the use of Backup and Restore privilege (Windows 10) - Windows 10 | Microsoft Learn  \n  \n  \nImplement an Access Control List or Discretionary Access Control Lists to restrict the access or modification of Backup files and perform Restore operations to appropriate users, for example administrators only.  \n  \nAccess Control overview | Microsoft Learn  \nDiscretionary Access Control Lists (DACL)  \n  \n  \nAuditing sensitive privileges used to identify access, modification, or replacement of Backup related files could help indicate attempts to exploit this vulnerability.  \n  \nAudit Sensitive Privilege Use - Windows 10 | Microsoft Learn \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-08T04:41:22.000000Z"}, {"uuid": "9b4e2343-1d4d-467a-a011-b15f4bf9b83e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/420", "content": "\u26a1\ufe0fPoC Exploit for Windows 0-Day Flaws CVE-2024-38202 and CVE-2024-21302 Released.\n\n#CyberBulletin", "creation_timestamp": "2024-08-20T09:46:23.000000Z"}, {"uuid": "ee7f386e-7919-423d-a4cb-6cf3bfb06834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/519", "content": "https://github.com/passtheticket/CVE-2024-38200\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability\n#github #exploit", "creation_timestamp": "2024-10-01T16:11:48.000000Z"}, {"uuid": "13ce603d-a919-413d-80a4-b320d5edcbbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38206", "type": "seen", "source": "https://t.me/cvedetector/2645", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38206 - Microsoft Copilot Studio SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38206 \nPublished : Aug. 6, 2024, 10:15 p.m. | 42\u00a0minutes ago \nDescription : An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-07T01:04:00.000000Z"}, {"uuid": "67a65ac1-fcba-4416-be7f-94e77906ee2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1592", "content": "#exploit\n1. CVE-2024-26808:\nLinux kernel Netfilter UaF leads to LPE\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\n2. CVE-2024-38200:\nMS Office NTLMv2 Disclosure\nhttps://github.com/passtheticket/CVE-2024-38200\n\n3. CVE-2024-7965:\nInappropriate implementation in V8 (ARM64)\nhttps://github.com/bi-zone/CVE-2024-7965", "creation_timestamp": "2024-10-02T16:38:49.000000Z"}, {"uuid": "a1750969-b135-40f7-aaa2-6e2b1a494853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/10630", "content": "\u200aPoC Exploit for Windows 0-Day Flaws CVE-2024-38202 and CVE-2024-21302 Released\n\nhttps://securityonline.info/poc-exploit-for-windows-0-day-flaws-cve-2024-38202-and-cve-2024-21302-released/", "creation_timestamp": "2024-08-20T13:04:10.000000Z"}, {"uuid": "91e8ac2d-6ad5-4d6e-b715-1f17fed20fa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "Telegram/b-2Nyb7EDuMgi3IgibVFlpR-pH8BKAmPT5Jpuk1TWpQKUA", "content": "", "creation_timestamp": "2024-08-10T09:25:12.000000Z"}, {"uuid": "e691343b-049e-4013-b5f2-b85b3c38eb77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "Telegram/Q5JL7s9jIygmpJgHLljwP5x-ffdA-HgEvfGHHGeyTMQG9A", "content": "", "creation_timestamp": "2024-08-08T13:22:10.000000Z"}, {"uuid": "63235aa1-2274-4bf2-bb2e-5b6ea98ad8ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38206", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3676", "content": "The Hacker News\nMicrosoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data\n\nCybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information.\nTracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) attack.\n\"An authenticated attacker can bypass Server-Side Request", "creation_timestamp": "2024-08-21T21:46:38.000000Z"}, {"uuid": "31049631-ae85-4cad-b000-6b6684169998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3820", "type": "seen", "source": "https://t.me/HackingInsights/1447", "content": "\u200aCVE-2024-3820 (CVSS 10) in wpDataTables Puts 70,000 WordPress Sites at Risk\n\nhttps://securityonline.info/cve-2024-3820-cvss-10-in-wpdatatables-puts-70000-wordpress-sites-at-risk/", "creation_timestamp": "2024-06-03T20:07:53.000000Z"}, {"uuid": "2fa4bae9-adaf-4c7e-b9b7-306b494336bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1001", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T08:34:27.000000Z"}, {"uuid": "17ef85f1-0ed2-4903-b5e0-1414113f94e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38206", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/11132", "content": "\u200aCVE-2024-38206: SSRF Vulnerability in Microsoft Copilot Studio Exposes Internal Infrastructure\n\nhttps://securityonline.info/cve-2024-38206-ssrf-vulnerability-in-microsoft-copilot-studio-exposes-internal-infrastructure/", "creation_timestamp": "2024-08-24T09:50:28.000000Z"}, {"uuid": "fc4acd91-ec92-478e-8527-36fa95ac401b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/HackingInsights/9548", "content": "\u200aCVE-2024-38200: Zero-Day Vulnerability in Microsoft Office: A Call for Urgent Action\n\nhttps://securityonline.info/cve-2024-38200-zero-day-vulnerability-in-microsoft-office-a-call-for-urgent-action/", "creation_timestamp": "2024-08-12T11:28:52.000000Z"}, {"uuid": "11d303b7-f8cd-4430-952b-5fd67de38d67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38206", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/18385", "content": "The Hacker News\nMicrosoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data\n\nCybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information.\nTracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) attack.\n\"An authenticated attacker can bypass Server-Side Request", "creation_timestamp": "2024-08-21T21:46:38.000000Z"}, {"uuid": "aaa349e5-e6a0-4142-b916-42342018334d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/17425", "content": "The Hacker News\nMicrosoft Warns of Unpatched Office Vulnerability Leading to Data Exposure\n\nMicrosoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.\nThe vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office -\n\nMicrosoft Office 2016 for 32-bit edition and 64-bit editions\nMicrosoft", "creation_timestamp": "2024-08-10T09:24:46.000000Z"}, {"uuid": "038fb66d-a02a-4f0b-8337-21d235dc1f5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/17278", "content": "The Hacker News\nWindows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities\n\nMicrosoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the Windows files with older versions.\nThe vulnerabilities are listed below -\n\nCVE-2024-38202 (CVSS score: 7.3) - Windows Update Stack Elevation of Privilege Vulnerability\nCVE-2024-21302 (CVSS", "creation_timestamp": "2024-08-08T13:22:11.000000Z"}, {"uuid": "2a9f4d8d-4b1a-4af0-b965-81feda967b04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "Telegram/PejxRntyRAocNHvLUV8cSPaUmeP3nZJ2C0hxUTOLqMOlgw", "content": "", "creation_timestamp": "2024-08-10T07:42:38.000000Z"}, {"uuid": "b68ec7e3-8df1-4ec3-b08d-806883f421f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "Telegram/jHfEiAdw_lYh40hMU8SzUHETztJVGikX2yDSarXqhIIatQ", "content": "", "creation_timestamp": "2024-08-08T13:39:43.000000Z"}, {"uuid": "a91a25c3-e213-4979-87ac-e2e18299b682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38206", "type": "seen", "source": "Telegram/IXMIKE8VefKBr5Hkb5WlGXneNfXRZ06JiVx-pn9z2bCg0g", "content": "", "creation_timestamp": "2024-08-21T19:29:23.000000Z"}, {"uuid": "ece1fc6d-6f73-45f3-8a67-fd8a26f0e207", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://t.me/KomunitiSiber/2372", "content": "Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities\nhttps://thehackernews.com/2024/08/windows-downgrade-attack-risks-exposing.html\n\nMicrosoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the Windows files with older versions.\nThe vulnerabilities are listed below -\n\nCVE-2024-38202 (CVSS score: 7.3) - Windows Update Stack Elevation of Privilege Vulnerability\nCVE-2024-21302 (CVSS", "creation_timestamp": "2024-08-08T14:08:33.000000Z"}, {"uuid": "66c0232b-07cd-4f5a-bf49-4bace6f68ef9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3428", "content": "The Hacker News\nMicrosoft Warns of Unpatched Office Vulnerability Leading to Data Exposure\n\nMicrosoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.\nThe vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office -\n\nMicrosoft Office 2016 for 32-bit edition and 64-bit editions\nMicrosoft", "creation_timestamp": "2024-08-10T09:24:46.000000Z"}, {"uuid": "ee9aae50-e220-4662-9ffc-9522c060d988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3388", "content": "The Hacker News\nWindows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities\n\nMicrosoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the Windows files with older versions.\nThe vulnerabilities are listed below -\n\nCVE-2024-38202 (CVSS score: 7.3) - Windows Update Stack Elevation of Privilege Vulnerability\nCVE-2024-21302 (CVSS", "creation_timestamp": "2024-08-08T13:22:11.000000Z"}, {"uuid": "0d533de5-4fbc-46b7-adef-3d8ea006d132", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38206", "type": "seen", "source": "https://t.me/KomunitiSiber/2440", "content": "Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data\nhttps://thehackernews.com/2024/08/microsoft-patches-critical-copilot.html\n\nCybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information.\nTracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) attack.\n\"An authenticated attacker can bypass Server-Side Request", "creation_timestamp": "2024-08-21T18:36:38.000000Z"}, {"uuid": "0152ca01-3bfe-4883-a4fc-2915e1dcff04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/KomunitiSiber/2382", "content": "Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure\nhttps://thehackernews.com/2024/08/microsoft-warns-of-unpatched-office.html\n\nMicrosoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.\nThe vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office -\n\nMicrosoft Office 2016 for 32-bit edition and 64-bit editions\nMicrosoft", "creation_timestamp": "2024-08-10T11:05:35.000000Z"}, {"uuid": "b3677a62-5b03-4e21-93c6-18c66440ec75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8836", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T07:29:16.000000Z"}, {"uuid": "a02741bb-c439-45dd-852b-7e846a9e302c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/23947", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T07:29:12.000000Z"}, {"uuid": "c0c15b82-bd34-4d5e-aab1-8123ee215a08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3770", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T07:29:07.000000Z"}, {"uuid": "32999712-667f-4eaa-82cd-67af5486af89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://t.me/CyberSachok/1933", "content": "\u0421\u0442\u0440\u0430\u0448\u043d\u044b\u0435 \u0432\u0435\u0449\u0438 \u0442\u0432\u043e\u0440\u044f\u0442\u0441\u044f. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0410\u043b\u043e\u043d \u041b\u0435\u0432\u0438\u0435\u0432 \u0441\u043c\u043e\u0433 \u0431\u0435\u0437 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043e\u0431\u043e\u0439\u0442\u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 UEFU \u0432 Windows VBS, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0441\u0434\u0435\u043b\u0430\u0432 Windows \u0432\u043e\u0441\u043f\u0440\u0438\u0438\u043c\u0447\u0438\u0432\u043e\u0439 \u043a \u0442\u044b\u0441\u044f\u0447\u0430\u043c \u0441\u0442\u0430\u0440\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u043d \u043f\u0440\u0435\u0432\u0440\u0430\u0442\u0438\u043b \u0432 0-day \u0438 \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u00ab\u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435\u00bb \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows \u2014 \u044d\u0442\u043e \u0441\u043b\u043e\u0432\u0435\u0441\u043d\u044b\u0439 \u043f\u0448\u0438\u043a. \n\n\u041e\u0431 \u044d\u0442\u043e\u0439 \u0434\u0430\u0443\u043d\u0433\u0440\u0435\u0439\u0434-\u0430\u0442\u0430\u043a\u0435 \u041b\u0435\u0432\u0438\u0435\u0432 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b \u043d\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u0439 Black Hat 2024. \u0422\u0430\u043a\u0443\u044e \u0430\u0442\u0430\u043a\u0443, \u043f\u043e \u0435\u0433\u043e \u0441\u043b\u043e\u0432\u0430\u043c, \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c, \u0442\u0430\u043a \u043a\u0430\u043a \u043e\u043d\u0430 \u043d\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f EDR-\u0440\u0435\u0448\u0435\u043d\u0438\u044f\u043c\u0438, \u0430 Windows update \u0441\u0447\u0438\u0442\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043e. \n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 Microsoft \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u044f\u043b\u0438 \u0435\u0449\u0435 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435, \u043d\u043e \u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0433\u043e\u0432\u043e\u0440\u044f\u0442, \u0447\u0442\u043e \u0432\u0441\u0435 \u0435\u0449\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043d\u0430\u0434 \u0438\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435\u043c. \n\n\u041f\u043e\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438, Microsoft \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438 \u0438\u0437 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044e \u0440\u0438\u0441\u043a\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 CVE.\n\nCVE-2024-21302\n\nCVE-2024-38202\n\nCVE-2024-38202 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows Backup \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0441 \u0431\u0430\u0437\u043e\u0432\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043e\u0442\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0438\u043b\u0438 \u043e\u0431\u043e\u0439\u0442\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 VBS.\n\n@cybersachok", "creation_timestamp": "2024-08-11T07:01:24.000000Z"}, {"uuid": "a2f8b7f0-46ef-4d9f-a217-e5083686810d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://t.me/true_secator/6081", "content": "Microsoft \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e Office 2016, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0445\u044d\u0448\u0438 NTLM \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443.\n\nCVE-2024-38200 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e 32- \u0438 64-\u0440\u0430\u0437\u0440\u044f\u0434\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Office, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Office 2016, Office 2019, Office LTSC 2021 \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Microsoft 365 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u0439.\n\nMicrosoft \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c PrivSec Consulting \u0438 Synack Red Team. \n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u0446\u0435\u043d\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0441\u0442\u0438, \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u043d\u0430\u044f Microsoft, \u0433\u043e\u0432\u043e\u0440\u0438\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2024-38200 \u043c\u0430\u043b\u043e\u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430, \u043f\u043e \u043e\u0446\u0435\u043d\u043a\u0430\u043c MITRE, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044d\u0442\u043e\u0433\u043e \u0442\u0438\u043f\u0430 - \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0435\u0431-\u0430\u0442\u0430\u043a\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0440\u0430\u0437\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0432\u0435\u0431-\u0441\u0430\u0439\u0442 (\u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0439 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442) \u0434\u043b\u044f \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041b\u0438\u0431\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043d\u0430\u0436\u0430\u0442\u044c \u043d\u0430 \u0441\u0441\u044b\u043b\u043a\u0443, \u043a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u043e, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0444\u0438\u0448\u0438\u043d\u0433\u0430 \u0432 \u043f\u043e\u0447\u0442\u0435 \u0438\u043b\u0438 \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u0435, \u0430 \u0437\u0430\u0442\u0435\u043c \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n\nMicrosoft \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-38200 \u0432 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445, \u0437\u0430\u044f\u0432\u0438\u0432 \u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0447\u0435\u0440\u0435\u0437 Feature Flighting 30.07.2024. \u041d\u043e \u0432\u0441\u0435 \u0436\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0444\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u044d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043c\u043e\u0436\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c, \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0432 \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u0442\u0440\u0430\u0444\u0438\u043a NTLM \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 Microsoft, \u0432 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e NTLM-\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043a \u043e\u0431\u0449\u0435\u043c\u0443 \u0440\u0435\u0441\u0443\u0440\u0441\u0443 SMB \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n\n\u041a\u043e\u0433\u0434\u0430 \u044d\u0442\u043e \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442, Windows \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 NTLM-\u0445\u0435\u0448\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0435\u0433\u043e \u0445\u0435\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u0430\u0440\u043e\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0435\u043c \u043c\u043e\u0436\u0435\u0442 \u0443\u043a\u0440\u0430\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a.\n\n\u041a\u0430\u043a\u00a0\u0443\u0436\u0435 \u043d\u0435\u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u043d\u0435\u0435, \u044d\u0442\u0438 \u0445\u044d\u0448\u0438 \u043c\u043e\u0436\u043d\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043c\u0435\u043d\u0430\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0442\u0435\u043a\u0441\u0442\u0430\u043c \u043f\u0430\u0440\u043e\u043b\u0435\u0439.\n\n\u0425\u044d\u0448\u0438 NTLM \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 NTLM Relay, \u043a\u0430\u043a \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 ShadowCoerce, DFSCoerce, PetitPotam \u0438  RemotePotato0 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0434\u0440\u0443\u0433\u0438\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u0432 \u0441\u0435\u0442\u0438.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u0432 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043d\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u043f\u0430\u0442\u0447\u0435\u0439 \u0443 Microsoft \u043f\u043e\u0434\u043f\u0440\u0438\u0431\u0430\u0432\u0438\u043b\u043e\u0441\u044c.\n\n\u0421 \u043d\u0435\u0442\u0435\u0440\u043f\u0435\u043d\u0438\u0435\u043c \u043f\u0443\u0431\u043b\u0438\u043a\u0430 \u043e\u0436\u0438\u0434\u0430\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0Windows Smart App Control \u0438 SmartScreen, Windows Update Stack Elevation of Privilege (CVE-2024-38202) \u0438 Windows Secure Kernel Mode Elevation of Privilege (CVE-2024-21302).", "creation_timestamp": "2024-08-12T14:03:05.000000Z"}, {"uuid": "dc13892a-eff1-458c-9579-b2f044cb3672", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6144", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c SafeBreach \u0410\u043b\u043e\u043d \u041b\u0435\u0432\u0438\u0435\u0432 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u00a0Windows Downdate, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438 \u043d\u0430 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows 10, Windows 11 \u0438 Windows Server.\n\n\u041a\u0430\u043a \u043c\u044b \u0440\u0430\u043d\u0435\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438, \u0432 \u0445\u043e\u0434\u0435 \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043e\u0442\u043a\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u043a \u0441\u0442\u0430\u0440\u044b\u043c \u0432\u0435\u0440\u0441\u0438\u044f\u043c \u041f\u041e, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0432\u043d\u043e\u0432\u044c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\nWindows Downdate \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0432 \u0432\u0438\u0434\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Python \u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 Windows.\n\n\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u0440\u0430\u043c\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043d\u0438\u0437\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430 Hyper-V (\u0434\u043e \u0434\u0432\u0443\u0445\u043b\u0435\u0442\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438), \u044f\u0434\u0440\u0430 Windows, \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 NTFS \u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 Filter Manager (\u0434\u043e \u0438\u0445 \u0431\u0430\u0437\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u043d\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0439, Windows Downdate \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043f\u0440\u043e\u0441\u0442\u044b\u0435 \u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043f\u0440\u0438\u043c\u0435\u0440\u044b \u043e\u0442\u043a\u0430\u0442\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f CVE-2021-27090, CVE-2022-34709, CVE-2023-21768 \u0438 PPLFault, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u043c\u0435\u0440\u044b \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u0438 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430, \u044f\u0434\u0440\u0430 \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043e\u043a UEFI VBS.\n\n\u0420\u0430\u043d\u0435\u0435 \u041b\u0435\u0432\u0438\u0435\u0432 \u043f\u0440\u0435\u0437\u0435\u043d\u0442\u043e\u0432\u0430\u043b \u0430\u0442\u0430\u043a\u0443 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u0438 Windows Downdate \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2024-21302 \u0438 CVE-2024-38202 \u043d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 Black Hat 2024.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0435\u0433\u043e \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e EDR, \u0430 \u0426\u0435\u043d\u0442\u0440 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows \u0431\u0443\u0434\u0435\u0442 \u0441\u043e\u043e\u0431\u0449\u0430\u0442\u044c, \u0447\u0442\u043e \u0446\u0435\u043b\u0435\u0432\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0430 (\u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e 7 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 (KB5041773) \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 Windows Secure Kernel Mode CVE-2024-21302, \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2024-38202 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0441\u0442\u0435\u043a\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Windows.\n\n\u0414\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u043e\u0442 \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438 Windows.", "creation_timestamp": "2024-08-28T19:30:05.000000Z"}, {"uuid": "07b96636-03b9-4ffb-b0c0-7155a47065e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38206", "type": "seen", "source": "https://t.me/thehackernews/5453", "content": "A critical security flaw in #Microsoft's Copilot Studio, tracked as CVE-2024-38206, has been disclosed, potentially exposing sensitive information. \n \nLearn more: https://thehackernews.com/2024/08/microsoft-patches-critical-copilot.html", "creation_timestamp": "2024-08-21T19:06:26.000000Z"}, {"uuid": "526260ec-ab7f-46dc-92ac-1d07e0e23091", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/thehackernews/5392", "content": "Microsoft reveals a new unpatched vulnerability in Office (CVE-2024-38200) that could expose sensitive data to malicious actors. \n \nIt affects multiple Office versions and could be exploited via web-based attacks, making it a significant threat. \n \nWhile a formal patch is expected soon, Microsoft has already rolled out an alternative fix. \n \nRead: https://thehackernews.com/2024/08/microsoft-warns-of-unpatched-office.html", "creation_timestamp": "2024-08-10T08:32:13.000000Z"}, {"uuid": "06614932-f3cb-471d-89c3-6784911d35f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3253", "content": "https://github.com/passtheticket/CVE-2024-38200\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability\n#github #exploit", "creation_timestamp": "2024-10-01T05:07:47.000000Z"}, {"uuid": "4cf21629-18ac-4caa-9a94-e06cdea39a4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11213", "content": "#exploit\n1. CVE-2024-26808:\nLinux kernel Netfilter UaF leads to LPE\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\n2. CVE-2024-38200:\nMS Office NTLMv2 Disclosure\nhttps://github.com/passtheticket/CVE-2024-38200\n\n3. CVE-2024-7965:\nInappropriate implementation in V8 (ARM64)\nhttps://github.com/bi-zone/CVE-2024-7965", "creation_timestamp": "2024-09-30T22:42:48.000000Z"}, {"uuid": "6b6ec694-a4fd-4f10-927a-57dc4b147acf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2286", "content": "CVE-2024-38200 Microsoft Office NTLMv2 \n*\nexploit", "creation_timestamp": "2024-10-02T18:33:55.000000Z"}, {"uuid": "606facca-5687-4a1b-87c3-165373dca1ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "Telegram/Stj9keMzKvt2INjzJPV4RFzMYF73xG48Rh25JOmWNKGLP4o", "content": "", "creation_timestamp": "2024-08-13T23:59:36.000000Z"}, {"uuid": "e5a521e3-b138-4b8d-aaaa-b7372d8583c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7481", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T07:29:16.000000Z"}, {"uuid": "6f30d3ea-3c74-45c7-89c3-de2918838dcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/ZeroDay_TM/880", "content": "- CVE-2024-38200: MS Office NTLMv2 Disclosure\n\nLink: https://github.com/passtheticket/CVE-2024-38200\n\n#exploit #writeup\n-   -   -   -   -   -   -   -   -\n\u2022 @Old_Unclee\n\u2022 @ZeroDay_TM", "creation_timestamp": "2024-10-02T14:46:23.000000Z"}, {"uuid": "cc0b3c0e-a804-44cc-b0de-580a3266b60d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://t.me/true_secator/6070", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0410\u043b\u043e\u043d \u041b\u0435\u0432\u0438\u0435\u0432 \u0438\u0437 SafeBreach \u043d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 Black Hat 2024 \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u0434\u0432\u0435 0-day, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0449\u0438\u0445 \u043e\u0442\u043a\u0430\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 Windows 10, Windows 11 \u0438 Windows Server.\n\n\u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0435 \u0446\u0435\u043b\u0435\u0432\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043e\u0442\u043a\u0430\u0442\u044b\u0432\u0430\u0442\u044c\u0441\u044f \u043a \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u043c \u0432\u0435\u0440\u0441\u0438\u044f\u043c \u041f\u041e, \u0447\u0442\u043e \u0432\u043d\u043e\u0432\u044c \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d \u0434\u043b\u044f \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u0439 \u0438\u043c\u0435\u043d\u043d\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u041e\u0421, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 (DLL) \u0438 \u044f\u0434\u0440\u043e NT. \n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0440\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0426\u0435\u043d\u0442\u0440\u043e\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows \u041e\u0421 \u0432\u0441\u0435 \u0437\u0430\u043d\u0438\u0436\u0435\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u0431\u0443\u0434\u0443\u0442 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0442\u044c\u0441\u044f \u0432 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438, \u0430 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044e \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f CVE-2024-38202 \u0438 CVE-2024-21302, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0442\u0430\u043a\u0436\u0435 \u0441\u043c\u043e\u0433 \u043f\u043e\u043d\u0438\u0437\u0438\u0442\u044c \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0433\u043e \u044f\u0434\u0440\u0430 Credential Guard \u0438 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0440\u0435\u0436\u0438\u043c\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430 Hyper-V, \u0432\u0435\u0440\u043d\u0443\u0432 \u043f\u0440\u043e\u0448\u043b\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u041e\u043d \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 Windows (VBS), \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0430\u043a\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438, \u043a\u0430\u043a Credential Guard \u0438 Hypervisor-Protected Code integrity (HVCI), \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u043e\u043d\u0438 \u0443\u0441\u0438\u043b\u0435\u043d\u044b  \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0430\u043c\u0438 UEFI, \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0434\u043e\u0431\u0438\u0432\u0448\u0438\u0441\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043e\u043a UEFI VBS \u0431\u0435\u0437 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u041f\u043e \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443 Windows \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0434\u043b\u044f \u0442\u044b\u0441\u044f\u0447 \u043f\u0440\u043e\u0448\u043b\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u0440\u0435\u0432\u0440\u0430\u0442\u0438\u0432 \u0432\u0441\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u0431\u043e\u0447\u0438\u0435 \u043d\u0443\u043b\u0438, \u043e\u0431\u043d\u0443\u043b\u0438\u0432 \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0442\u0435\u0440\u043c\u0438\u043d \u00ab\u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u0430\u044f\u00bb.\n\n\u0421\u0430\u043c\u0430 \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435\u044f \u0432\u0435\u0440\u0441\u0438\u0438 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0435\u0435 \u043d\u0435\u043b\u044c\u0437\u044f \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0440\u0435\u0448\u0435\u043d\u0438\u0439 EDR, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u043d\u0430 \u043d\u0435\u0432\u0438\u0434\u0438\u043c\u0430, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0426\u0435\u043d\u0442\u0440 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043e (\u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u0421 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u0430\u0442\u0430\u043a\u0443 Windows Downdate \u0435\u0449\u0435 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 \u0432 Microsoft, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u043b\u0438\u0448\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 Windows Update Stack Elevation of Privilege \u0438 Windows Secure Kernel Mode Elevation of Privilege.\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u0435\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 CVE-2024-38202 Windows Backup \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u0431\u0430\u0437\u043e\u0432\u044b\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u00ab\u043e\u0442\u043c\u0435\u043d\u044f\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u00bb \u0440\u0430\u043d\u0435\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043b\u0438 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 VBS.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 CVE-2024-21302 \u0434\u043b\u044f \u0437\u0430\u043c\u0435\u043d\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 Windows \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u043c\u0438 \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438.\n\nMicrosoft \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0435\u0439 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043b\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438, \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0435 \u0432 \u0434\u0432\u0443\u0445 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430\u0434 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043d\u0443\u043b\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0442\u043c\u0435\u043d\u044f\u0442 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0435, \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b VBS \u0434\u043b\u044f \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441\u0447\u0438\u0442\u0430\u0435\u0442, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0431\u0443\u0434\u0443\u0442 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c\u0438 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f Microsoft Windows, \u043d\u043e \u0438 \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u041e\u0421, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0430\u0442\u0430\u043a\u0430\u043c \u0441 \u0446\u0435\u043b\u044c\u044e \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u0438.", "creation_timestamp": "2024-08-08T11:00:07.000000Z"}, {"uuid": "8a272a01-37ca-45a4-9940-25089fde9efc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "seen", "source": "https://t.me/true_secator/6090", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u0443\u0432\u0435\u0441\u0438\u0441\u0442\u044b\u0439 PatchTuesday \u043e\u0442 Microsoft \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438\u00a090 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u043e\u0441\u0435\u043c\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, 79 - \u00ab\u0432\u0430\u0436\u043d\u044b\u0445\u00bb \u0438 10 0-day.\n\n\u0412 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 36 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 EoP, 4 - \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 28 - RCE, 8 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 6 - DoS \u0438 7 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430.\n\n\u0418\u0437 10 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 Patch Tuesday \u043d\u0443\u043b\u0435\u0439 \u0448\u0435\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u0442\u0440\u0438 \u0431\u044b\u043b\u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0438 \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f  \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442, \u043d\u043e Microsoft \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430\u0434 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\n\n\u0412 \u0447\u0438\u0441\u043b\u043e \u0448\u0435\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043d\u0443\u043b\u0435\u0439 \u0432\u043e\u0448\u043b\u0438:\n\n- CVE-2024-38178: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432\u043e\u0433\u043e \u0434\u0432\u0438\u0436\u043a\u0430. \u0414\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u043b\u0438\u0435\u043d\u0442 \u0449\u0435\u043b\u043a\u043d\u0443\u043b \u0441\u0441\u044b\u043b\u043a\u0443 \u0432 Microsoft Edge \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 Internet Explorer, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c RCE. \u041f\u041e \u0434\u0430\u043d\u043d\u044b\u043c NCSC \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0438 \u0438 AhnLab, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u0438 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n- CVE-2024-38193: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0432\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Windows \u0434\u043b\u044f WinSock, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 SYSTEM. \u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0430 Gen Digital, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f Microsoft \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u0435\u0442.\n\n- CVE-2024-38213: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows Mark of the Web, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u0445\u043e\u0434\u044f\u0442 \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Trend Micro\u2019s Zero Day Initiative, \u043d\u043e \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f.\n\n- CVE-2024-38106: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a EoP. \u0414\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438. Microsoft \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430, \u043a\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u0435\u0435 \u043d\u0430\u0448\u0435\u043b \u0438 \u043a\u0430\u043a \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430.\n\n- CVE-2024-38107: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows Power Dependency Coordinator. \u0410\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442.\n\n- CVE-2024-38189: RCE-\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Project. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0436\u0435\u0440\u0442\u0432\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b Microsoft Office Project \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0433\u0434\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u0430\u043a\u0440\u043e\u0441\u043e\u0432 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 Office \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0439 \u043e \u043c\u0430\u043a\u0440\u043e\u0441\u0430\u0445 VBA. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u0442.\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\n- CVE-2024-38199: RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows Line Printer Daemon (LPD). \u041d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u0437\u0430\u0434\u0430\u043d\u0438\u0435 \u043f\u0435\u0447\u0430\u0442\u0438 \u0432 \u043e\u0431\u0449\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u043b\u0443\u0436\u0431\u0443 LPD \u043f\u043e \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f RCE \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n- CVE-2024-21302: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate.\n\n- CVE-2024-38200: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Office, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u043a\u0440\u0430\u0441\u0442\u044c \u0445\u044d\u0448\u0438 NTLM.\n\n- CVE-2024-38202: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0435\u043a\u0430 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u0438 \u043a\u0430\u0436\u0434\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 - \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2024-08-14T12:17:01.000000Z"}, {"uuid": "84058a66-41b4-4b88-88a4-c68d8734a6e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/true_secator/6090", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u0443\u0432\u0435\u0441\u0438\u0441\u0442\u044b\u0439 PatchTuesday \u043e\u0442 Microsoft \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438\u00a090 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u043e\u0441\u0435\u043c\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, 79 - \u00ab\u0432\u0430\u0436\u043d\u044b\u0445\u00bb \u0438 10 0-day.\n\n\u0412 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 36 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 EoP, 4 - \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 28 - RCE, 8 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 6 - DoS \u0438 7 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430.\n\n\u0418\u0437 10 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 Patch Tuesday \u043d\u0443\u043b\u0435\u0439 \u0448\u0435\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u0442\u0440\u0438 \u0431\u044b\u043b\u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0438 \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f  \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442, \u043d\u043e Microsoft \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430\u0434 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\n\n\u0412 \u0447\u0438\u0441\u043b\u043e \u0448\u0435\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043d\u0443\u043b\u0435\u0439 \u0432\u043e\u0448\u043b\u0438:\n\n- CVE-2024-38178: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432\u043e\u0433\u043e \u0434\u0432\u0438\u0436\u043a\u0430. \u0414\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u043b\u0438\u0435\u043d\u0442 \u0449\u0435\u043b\u043a\u043d\u0443\u043b \u0441\u0441\u044b\u043b\u043a\u0443 \u0432 Microsoft Edge \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 Internet Explorer, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c RCE. \u041f\u041e \u0434\u0430\u043d\u043d\u044b\u043c NCSC \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0438 \u0438 AhnLab, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u0438 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n- CVE-2024-38193: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0432\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Windows \u0434\u043b\u044f WinSock, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 SYSTEM. \u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0430 Gen Digital, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f Microsoft \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u0435\u0442.\n\n- CVE-2024-38213: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows Mark of the Web, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u0445\u043e\u0434\u044f\u0442 \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Trend Micro\u2019s Zero Day Initiative, \u043d\u043e \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f.\n\n- CVE-2024-38106: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a EoP. \u0414\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438. Microsoft \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430, \u043a\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u0435\u0435 \u043d\u0430\u0448\u0435\u043b \u0438 \u043a\u0430\u043a \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430.\n\n- CVE-2024-38107: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows Power Dependency Coordinator. \u0410\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442.\n\n- CVE-2024-38189: RCE-\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Project. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0436\u0435\u0440\u0442\u0432\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b Microsoft Office Project \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0433\u0434\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u0430\u043a\u0440\u043e\u0441\u043e\u0432 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 Office \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0439 \u043e \u043c\u0430\u043a\u0440\u043e\u0441\u0430\u0445 VBA. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u0442.\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\n- CVE-2024-38199: RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows Line Printer Daemon (LPD). \u041d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u0437\u0430\u0434\u0430\u043d\u0438\u0435 \u043f\u0435\u0447\u0430\u0442\u0438 \u0432 \u043e\u0431\u0449\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u043b\u0443\u0436\u0431\u0443 LPD \u043f\u043e \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f RCE \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n- CVE-2024-21302: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate.\n\n- CVE-2024-38200: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Office, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u043a\u0440\u0430\u0441\u0442\u044c \u0445\u044d\u0448\u0438 NTLM.\n\n- CVE-2024-38202: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0435\u043a\u0430 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u0438 \u043a\u0430\u0436\u0434\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 - \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2024-08-14T12:17:01.000000Z"}, {"uuid": "3b847daa-dd17-461b-8c24-231f93d3af08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/true_secator/6081", "content": "Microsoft \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e Office 2016, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0445\u044d\u0448\u0438 NTLM \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443.\n\nCVE-2024-38200 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e 32- \u0438 64-\u0440\u0430\u0437\u0440\u044f\u0434\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Office, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Office 2016, Office 2019, Office LTSC 2021 \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Microsoft 365 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u0439.\n\nMicrosoft \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c PrivSec Consulting \u0438 Synack Red Team. \n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u0446\u0435\u043d\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0441\u0442\u0438, \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u043d\u0430\u044f Microsoft, \u0433\u043e\u0432\u043e\u0440\u0438\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2024-38200 \u043c\u0430\u043b\u043e\u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430, \u043f\u043e \u043e\u0446\u0435\u043d\u043a\u0430\u043c MITRE, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044d\u0442\u043e\u0433\u043e \u0442\u0438\u043f\u0430 - \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0435\u0431-\u0430\u0442\u0430\u043a\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0440\u0430\u0437\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0432\u0435\u0431-\u0441\u0430\u0439\u0442 (\u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0439 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442) \u0434\u043b\u044f \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041b\u0438\u0431\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043d\u0430\u0436\u0430\u0442\u044c \u043d\u0430 \u0441\u0441\u044b\u043b\u043a\u0443, \u043a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u043e, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0444\u0438\u0448\u0438\u043d\u0433\u0430 \u0432 \u043f\u043e\u0447\u0442\u0435 \u0438\u043b\u0438 \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u0435, \u0430 \u0437\u0430\u0442\u0435\u043c \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n\nMicrosoft \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-38200 \u0432 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445, \u0437\u0430\u044f\u0432\u0438\u0432 \u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0447\u0435\u0440\u0435\u0437 Feature Flighting 30.07.2024. \u041d\u043e \u0432\u0441\u0435 \u0436\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0444\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u044d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043c\u043e\u0436\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c, \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0432 \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u0442\u0440\u0430\u0444\u0438\u043a NTLM \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 Microsoft, \u0432 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e NTLM-\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043a \u043e\u0431\u0449\u0435\u043c\u0443 \u0440\u0435\u0441\u0443\u0440\u0441\u0443 SMB \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n\n\u041a\u043e\u0433\u0434\u0430 \u044d\u0442\u043e \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442, Windows \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 NTLM-\u0445\u0435\u0448\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0435\u0433\u043e \u0445\u0435\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u0430\u0440\u043e\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0435\u043c \u043c\u043e\u0436\u0435\u0442 \u0443\u043a\u0440\u0430\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a.\n\n\u041a\u0430\u043a\u00a0\u0443\u0436\u0435 \u043d\u0435\u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u043d\u0435\u0435, \u044d\u0442\u0438 \u0445\u044d\u0448\u0438 \u043c\u043e\u0436\u043d\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u043c\u0435\u043d\u0430\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0442\u0435\u043a\u0441\u0442\u0430\u043c \u043f\u0430\u0440\u043e\u043b\u0435\u0439.\n\n\u0425\u044d\u0448\u0438 NTLM \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 NTLM Relay, \u043a\u0430\u043a \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 ShadowCoerce, DFSCoerce, PetitPotam \u0438  RemotePotato0 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0434\u0440\u0443\u0433\u0438\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u0432 \u0441\u0435\u0442\u0438.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u0432 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043d\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u043f\u0430\u0442\u0447\u0435\u0439 \u0443 Microsoft \u043f\u043e\u0434\u043f\u0440\u0438\u0431\u0430\u0432\u0438\u043b\u043e\u0441\u044c.\n\n\u0421 \u043d\u0435\u0442\u0435\u0440\u043f\u0435\u043d\u0438\u0435\u043c \u043f\u0443\u0431\u043b\u0438\u043a\u0430 \u043e\u0436\u0438\u0434\u0430\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0Windows Smart App Control \u0438 SmartScreen, Windows Update Stack Elevation of Privilege (CVE-2024-38202) \u0438 Windows Secure Kernel Mode Elevation of Privilege (CVE-2024-21302).", "creation_timestamp": "2024-08-12T14:03:05.000000Z"}, {"uuid": "39fd8762-49ee-417a-bb05-46ca0e9e158f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "seen", "source": "https://t.me/true_secator/6274", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u044c \u0441 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438:\n\n1. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 PrivSec \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0438 PoC \u0434\u043b\u044f CVE-2024-38200, \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 NTLM Relaying, \u0432\u043b\u0438\u044f\u044e\u0449\u0435\u0439 \u043d\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Office.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u043f\u043e\u0441\u043b\u0435 \u0435\u0435 \u0430\u043d\u043e\u043d\u0441\u0430 \u043d\u0430 DEFCON.\n\n2. GreyNoise \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0445 \u0430\u0442\u0430\u043a, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0438\u044e\u043d\u044c\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SolarWinds Serv-U, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2024-28995.\n\n3. JetBrains \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 20 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 TeamCity CI/CD.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0427\u0430\u0440\u043b\u044c\u0437 \u0424\u043e\u043b \u0438\u0437 LEXFO \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u00a0\u0442\u0440\u0435\u0442\u044c\u044e (\u043f\u0435\u0440\u0432\u0430\u044f \u0438 \u0432\u0442\u043e\u0440\u0430\u044f) \u0447\u0430\u0441\u0442\u044c \u0430\u043d\u0430\u043b\u0438\u0437\u0430 CVE-2024-2961, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Glibc (CVE-2024-2961), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f RCE-\u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u044b \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 PHP.\n\n5. \u0420\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043c\u043d\u043e\u0433\u043e\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0440\u0435\u0436\u0438\u043c\u0430 LAN/LDN \u0432 Nintendo Mario Kart 8 Deluxe \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 3.0.3 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441\u0442\u0435\u043a\u0430 \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0440\u0438 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0441\u0435\u0430\u043d\u0441\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430 \u043e\u0431\u0437\u043e\u0440\u0430-\u043e\u0442\u0432\u0435\u0442\u0430, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u043a\u0430\u043a KartLANPwn.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0436\u0435\u0440\u0442\u0432\u0435 \u043d\u0435 \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0442\u044c\u0441\u044f \u043a \u0438\u0433\u0440\u043e\u0432\u043e\u0439 \u0441\u0435\u0441\u0441\u0438\u0438 \u0441\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c. \u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043c\u0435\u043d\u044e \u00abWireless Play\u00bb (\u0438\u043b\u0438 \u00abLAN Play\u00bb) \u043d\u0430 \u0442\u0438\u0442\u0443\u043b\u044c\u043d\u043e\u043c \u044d\u043a\u0440\u0430\u043d\u0435 \u0438\u0433\u0440\u044b, \u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u0439\u0441\u044f \u043f\u043e\u0431\u043b\u0438\u0437\u043e\u0441\u0442\u0438 (LDN) \u0438\u043b\u0438 \u0432 \u0442\u043e\u0439 \u0436\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438, \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u043e\u0442\u0432\u0435\u0442\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u043d\u0430 \u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0436\u0435\u0440\u0442\u0432\u044b.\n\n\u0412\u0441\u0435 \u044d\u0442\u043e (CVE-2024-45200) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 DoS \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0433\u0440\u044b \u0438\u043b\u0438, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e, RCE \u043d\u0430 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n6. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Akamai \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043e\u0442\u0447\u0435\u0442 \u041c\u0430\u0440\u0433\u0430\u0440\u0438\u0442\u0435\u043b\u043b\u0438 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Common UNIX Printing System (CUPS) \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f DDoS-\u0430\u0442\u0430\u043a.\n\n\u0420\u0430\u043d\u0435\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0447\u0442\u043e, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Red Hat, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043a\u0440\u0430\u0436\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0435\u0441\u043b\u0438 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u043e\u0448\u0438\u0431\u043e\u043a \u043f\u043e \u0447\u0430\u0441\u0442\u0438 RCE \u0431\u044b\u043b\u0430 \u0437\u0430\u0432\u044b\u0448\u0435\u043d\u0430, \u0442\u043e \u043f\u043e\u0437\u0434\u043d\u0435\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u00a0\u0443\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u043d\u043e \u0430\u0434\u0430\u043f\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0435\u0433\u043e \u0432 \u0430\u0442\u0430\u043a\u0443 \u0441 \u043d\u0443\u043b\u0435\u0432\u044b\u043c \u0449\u0435\u043b\u0447\u043a\u043e\u043c.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Akamai \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438 \u043c\u0430\u0441\u043b\u0430 \u0432 \u043e\u0433\u043e\u043d\u044c, \u043e\u0442\u043c\u0435\u0442\u0438\u0432, \u0447\u0442\u043e \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0446\u0435\u043b\u044c \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c, \u043d\u043e \u0438 \u0445\u043e\u0441\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 CUPS \u0442\u0430\u043a\u0436\u0435 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0436\u0435\u0440\u0442\u0432\u043e\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0435\u0442 \u0435\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u043f\u0440\u043e\u043f\u0443\u0441\u043a\u043d\u0443\u044e \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u0426\u041f.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Akamai \u0432\u044b\u044f\u0432\u0438\u043b \u0431\u043e\u043b\u0435\u0435 58\u00a0000 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 CUPS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a.\n\n\u0418 \u0435\u0441\u043b\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u044c, \u0447\u0442\u043e \u0432\u0441\u0435 58\u00a0000+ \u0445\u043e\u0441\u0442\u043e\u0432 CUPS \u0431\u0443\u0434\u0443\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u0432 \u043e\u0434\u043d\u0443 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e, \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0442\u043e\u043a\u0443 \u0432 1 \u0413\u0411 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u0430\u043a\u0435\u0442 UDP \u0438\u0437 \u043f\u0440\u0438\u043c\u0435\u0440\u0430 \u0441 \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c. \u0421\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u0441 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0442\u043e\u043a\u0443 \u0432 6 \u0413\u0411.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u044d\u0442\u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u043d\u0435\u043b\u044c\u0437\u044f \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u043e\u0448\u0435\u043b\u043e\u043c\u043b\u044f\u044e\u0449\u0438\u043c\u0438, \u043e\u043d\u0438 \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0443\u0442 \u043a \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0446\u0435\u043b\u044c\u044e \u043e\u043a\u043e\u043b\u043e 2,6 \u043c\u043b\u043d. TCP-\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u0438 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u043b\u044e\u0431\u043e\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043b\u0435\u0433\u043a\u043e \u0438 \u043d\u0435 \u043d\u0430\u043a\u043b\u0430\u0434\u043d\u043e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0442\u0430\u043a\u0443\u044e \u0430\u0442\u0430\u043a\u0443, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0432\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0445\u043e\u0441\u0442\u044b CUPS, \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0432\u0441\u0435\u0433\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u043a\u0443\u043d\u0434.", "creation_timestamp": "2024-10-02T17:30:06.000000Z"}, {"uuid": "95ab49b5-0fd3-4742-a0be-e8a557d885f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6365", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c SafeBreach \u0410\u043b\u043e\u043d \u041b\u0435\u0432\u0438\u0435\u0432 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u043d\u0430\u0441\u0435\u0434\u0430\u0442\u044c \u043d\u0430 Microsoft, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0435 \u043a \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u044e \u0432\u0435\u0440\u0441\u0438\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u044f\u0434\u0440\u0430 Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0440\u0443\u0442\u043a\u0438\u0442\u044b \u043d\u0430 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u042d\u0442\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u0443\u0442\u0435\u043c \u0432\u0437\u044f\u0442\u0438\u044f \u043f\u043e\u0434 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u041f\u041e \u043d\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443 \u0431\u0435\u0437 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0441\u0442\u0430\u0442\u0443\u0441\u0430 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u041f\u041e (CVE-2024-21302 \u0438 CVE-2024-38202).\n\nMicrosoft \u043e\u043f\u0440\u043e\u0432\u0435\u0440\u0433\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u044f\u0432\u0438\u0432, \u0447\u0442\u043e \u043e\u043d\u0430 \u043d\u0435 \u043f\u0435\u0440\u0435\u0441\u0435\u043a\u0430\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u0433\u0440\u0430\u043d\u0438\u0446\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0445\u043e\u0442\u044f \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u044f\u0434\u0440\u0430 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u041d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u044f\u0445 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 BlackHat\u00a0\u0438\u00a0DEFCON\u00a0\u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u041b\u0435\u0432\u0438\u0435\u0432 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u043c\u0430, \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043d\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e, \u0447\u0442\u043e \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438/\u043e\u0442\u043a\u0430\u0442\u043e\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c\u00a0Windows Downdate, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u0438 \u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0442\u044c, \u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b, \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0447\u0435\u0440\u0435\u0437 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 DLL, \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u0438 \u044f\u0434\u0440\u043e NT.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u043b\u0443\u0447\u0448\u0438\u043b\u0430\u0441\u044c \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0433\u043e\u0434\u044b, \u041b\u0435\u0432\u0438\u0435\u0432\u0443 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0431\u043e\u0439\u0442\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 DSE, \u043f\u043e\u043a\u0430\u0437\u0430\u0432, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u043d\u0435\u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0435 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u044f\u0434\u0440\u0430 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0440\u0443\u0442\u043a\u0438\u0442\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u043e\u044f\u0441\u043d\u044f\u0435\u0442, \u0447\u0442\u043e \u0445\u043e\u0442\u044f \u043d\u043e\u0432\u044b\u0435 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u044f\u044e\u0442 \u0432\u0437\u043b\u043e\u043c \u044f\u0434\u0440\u0430, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u0445\u0441\u044f \u0432 \u044f\u0434\u0440\u0435, \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u0437\u0430\u0434\u0430\u0447\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c.\n\n\u041b\u0435\u0432\u0438\u0435\u0432 \u043d\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0441\u0432\u043e\u0439 \u043c\u0435\u0442\u043e\u0434 \u043e\u0431\u0445\u043e\u0434\u043e\u043c DSE ItsNotASecurityBoundary, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u043d \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u044e\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u043e\u0434\u043d\u043e\u0438\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0435\u0433\u043e\u00a0\u043b\u043e\u0436\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435\u0438\u0437\u043c\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u0412 \u043d\u043e\u0432\u043e\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0438 \u041b\u0435\u0432\u0438\u0435\u0432 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows, \u0447\u0442\u043e\u0431\u044b \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u0443 DSE \u043f\u0443\u0442\u0435\u043c \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430, \u0434\u0430\u0436\u0435 \u043d\u0430 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows 11.\n\n\u0410\u0442\u0430\u043a\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u043f\u0443\u0442\u0435\u043c \u0437\u0430\u043c\u0435\u043d\u044b ci.dll, \u0444\u0430\u0439\u043b\u0430, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0435\u0433\u043e \u0437\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e DSE, \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u0443\u0435\u0442 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432, \u0447\u0442\u043e \u043f\u043e \u0441\u0443\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0438\u0442 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 Windows.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u041b\u0435\u0432\u0438\u0435\u0432 \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0438\u0441\u0430\u043b \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 Microsoft Virtualization-based Security (VBS).\n\nVBS \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b (\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 UEFI \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u0435\u0441\u0442\u0440\u0430 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439), \u043d\u043e \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c, \u0435\u0441\u043b\u0438 \u043d\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0440\u0430\u0437\u0434\u0435\u043b\u0430 \u0440\u0435\u0435\u0441\u0442\u0440\u0430.\n\n\u041f\u0440\u0438 \u0447\u0430\u0441\u0442\u0438\u0447\u043d\u043e\u043c \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0435 \u0444\u0430\u0439\u043b\u044b VBS, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a SecureKernel.exe, \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u043c\u0435\u043d\u0435\u043d\u044b \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u0440\u0443\u0448\u0430\u044e\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 VBS \u0438 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u043f\u0443\u0442\u044c \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 ItsNotASecurityBoundary \u0438 \u0437\u0430\u043c\u0435\u043d\u044b ci.dll.\n\n\u0420\u0430\u0431\u043e\u0442\u0430 \u041b\u0435\u0432\u0438\u0435\u0432\u0430 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0438 \u0441 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435\u043c \u0443\u0440\u043e\u0432\u043d\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u0434\u043b\u044f \u043d\u0438\u0445 \u0438\u043d\u043e\u0433\u0434\u0430 \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u041f\u043e\u043a\u0430 \u043e\u0434\u043d\u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442, \u0434\u0440\u0443\u0433\u0438\u0435 \u043c\u0438\u043a\u0440\u043e\u043c\u044f\u0433\u043a\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044e \u0440\u0438\u0441\u043a\u043e\u0432, \u043d\u043e \u043f\u043e\u043a\u0430 \u0431\u0435\u0437\u0443\u0441\u043f\u0435\u0448\u043d\u043e.", "creation_timestamp": "2024-10-28T14:20:05.000000Z"}, {"uuid": "d26e2a56-297a-41a9-89b2-f7b7a900ad36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "Telegram/kN3ZjUce2fGEqRkqEup_z1_hLdbRfjkyO9tPIb-rjhmISz4", "content": "", "creation_timestamp": "2024-09-26T23:02:44.000000Z"}, {"uuid": "2f503704-f3a0-4c5c-83b6-d6c7440d742e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38202", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/5065", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c SafeBreach \u0410\u043b\u043e\u043d \u041b\u0435\u0432\u0438\u0435\u0432 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u00a0Windows Downdate, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438 \u043d\u0430 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows 10, Windows 11 \u0438 Windows Server.\n\n\u041a\u0430\u043a \u043c\u044b \u0440\u0430\u043d\u0435\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438, \u0432 \u0445\u043e\u0434\u0435 \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043e\u0442\u043a\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u043a \u0441\u0442\u0430\u0440\u044b\u043c \u0432\u0435\u0440\u0441\u0438\u044f\u043c \u041f\u041e, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0432\u043d\u043e\u0432\u044c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\nWindows Downdate \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0432 \u0432\u0438\u0434\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Python \u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 Windows.\n\n\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u0440\u0430\u043c\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043d\u0438\u0437\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430 Hyper-V (\u0434\u043e \u0434\u0432\u0443\u0445\u043b\u0435\u0442\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438), \u044f\u0434\u0440\u0430 Windows, \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 NTFS \u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 Filter Manager (\u0434\u043e \u0438\u0445 \u0431\u0430\u0437\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u043d\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0439, Windows Downdate \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043f\u0440\u043e\u0441\u0442\u044b\u0435 \u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043f\u0440\u0438\u043c\u0435\u0440\u044b \u043e\u0442\u043a\u0430\u0442\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f CVE-2021-27090, CVE-2022-34709, CVE-2023-21768 \u0438 PPLFault, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u043c\u0435\u0440\u044b \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u0438 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430, \u044f\u0434\u0440\u0430 \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043e\u043a UEFI VBS.\n\n\u0420\u0430\u043d\u0435\u0435 \u041b\u0435\u0432\u0438\u0435\u0432 \u043f\u0440\u0435\u0437\u0435\u043d\u0442\u043e\u0432\u0430\u043b \u0430\u0442\u0430\u043a\u0443 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u0438 Windows Downdate \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2024-21302 \u0438 CVE-2024-38202 \u043d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 Black Hat 2024.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0435\u0433\u043e \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e EDR, \u0430 \u0426\u0435\u043d\u0442\u0440 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows \u0431\u0443\u0434\u0435\u0442 \u0441\u043e\u043e\u0431\u0449\u0430\u0442\u044c, \u0447\u0442\u043e \u0446\u0435\u043b\u0435\u0432\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0430 (\u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e 7 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 (KB5041773) \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 Windows Secure Kernel Mode CVE-2024-21302, \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2024-38202 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0441\u0442\u0435\u043a\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Windows.\n\n\u0414\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u043e\u0442 \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438 Windows.", "creation_timestamp": "2024-08-29T19:16:11.000000Z"}, {"uuid": "21d04b10-41a2-45b4-afae-a1197baf6f48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38200", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/398", "content": "Tools - Hackers Factory \n\nSpider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported.\n\nhttps://github.com/blacklanternsecurity/MANSPIDER\n\nNameless C2 - A C2 with all its components written in Rust.\n\nhttps://github.com/trickster0/NamelessC2\n\nBOF for C2 framework\n\nhttps://github.com/mr-r3bot/bof-modules\n\nCUPSHax\n\nhttps://github.com/RickdeJager/cupshax\n\nA work in progress BOF/COFF loader in Rust.\n\nhttps://github.com/yamakadi/ldr\n\nCVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability.\n\nhttps://github.com/passtheticket/CVE-2024-38200\n\nCompleted update for my TrustedInstaller process execution tool.\n\nhttps://github.com/daem0nc0re/PrivFu?tab=readme-ov-file#trustexec\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-30T07:29:12.000000Z"}]}